Client (C) / server (S) message exchange. Column labels in the figure: SENT (S), RECEIVED (R), R (ENTERED).

3005  Step 1: C requests a connection to S (protected login, URL, link, etc.)

3006  Step 2: SRKi is sent to C; communication interface is established

3007  Step 3: C enters user (host) name, user (host ID) and server password on C side

3008  Step 4: User (or host) name hashed and encrypted with SRKi is sent to S

3009  Step 5: If user (or host) is validated, S sends to C DRK1 encrypted with SRKi; C decrypts DRK1 with SRKi and sends to S encrypted with DRK1 hashed DRK1

3010  Step 6: If received DRK1 is correct, S sends to C DRK2 encrypted with DRK1; C decrypts DRK2 with DRK1, and sends to S encrypted with DRK2 hashed DRK2

3011  ...

3012  Step j: If received DRKj-1 is correct, S sends to C DRKj encrypted with DRK(j-1); C decrypts DRKj with DRK(j-1) and sends to S encrypted with DRKj hashed DRKj

3013  ...

3014  Step n: If received from C DRKn-1 is correct, S sends to C DRKn encrypted with the hashed user password as a key; C decrypts DRKn with the user password, stored at C in step 3, and converted to its hash equivalent; then C sends to S hashed DRKn encrypted with the user password, stored at C in step 3, and converted to its hash equivalent.

3015  Step n+1: If hashed DRKn received in step 3014, and decrypted with hashed user password is correct, S sends to C DRKn encrypted with hashed server password as a key; C decrypts DRKn with the server password, stored at C in step 3, and converted to its hash equivalent; if hashed DRKn is the same as DRKn from step 3014, then C sends to S hashed DRKn encrypted with the hashed server password.

Step n+2: If received from C DRKn is correct/wrong, then authentication signal go/no, encrypted with DRKn-1, is sent to C; C decrypts the go/no signal with DRKn-1, stored at C in step 3013. This completes C/S mutual authentication and the Final Secret Key (FSK) exchange according to the KEDIA algorithm.

Detail of Step 6 (3010): If received DRK1 is correct, S sends to C DRK2 encrypted with DRK1; C decrypts DRK2 with DRK1, and sends to S encrypted with DRK2 hashed DRK2

SENT (S), server side:

4001  Step 6: If received DRK1 is correct, S sends to C DRK2 encrypted with DRK1
4003  DRK2 supplied by Server DRK Generator 2005 (FIG. 2)
4005  Server supplies the assumed user password to enable bytes, bits, or bytes & bits veiling in DRK2
4007  ByteVU, BitVU, or BBVU is applied to veil either bytes, or bits, or bytes & bits of DRK2
4009  Conversion array, encrypted with DRK1 (block-cipher encryption algorithm), is sent to client

RECEIVED (R), client side:

4002  C decrypts DRK2 with DRK1, and sends to S encrypted with DRK2 hashed DRK2
4004  Conversion array is decrypted with DRK1 (block-cipher encryption/decryption algorithm)
4006  Client supplies the user password triggering bytes, or bits, or bytes & bits reassembling in the conversion array
4008  ByteVU, BitVU, or BBVU is reassembling the conversion array, decrypted before with DRK1
4010  DRK2 is reconstructed to its original form, and C sends to S hashed DRK2, treated with either ByteVU, BitVU, or BBVU; the final conversion array is encrypted with DRK2

3004  SERVER DATABASE

DRKi - 16 bytes
| xh1 | xh2 | xh3 | xh4 | xh5 | xh6 | xh7 | ... | xh14 | xh15 | xh16 |

SERVER SEQUENTIAL RANDOM NUMBER GENERATOR (SRNG) WITH USER PASSWORD AS A SEED (SERVER SIDE)

CLIENT SEQUENTIAL RANDOM NUMBER GENERATOR (SRNG) WITH USER PASSWORD AS A SEED (CLIENT SIDE)

1st BBVU conversion array section; length - 10 bytes
| r1,1 | r1,2 | r1,3 | xh1 | r1,5 | r1,6 | r1,7 | r1,8 | r1,9 | r1,10 |

2nd BBVU conversion array section; length - 10 bytes
| r2,1 | r2,2 | r2,3 | r2,4 | r2,5 | r2,6 | r2,7 | r2,8 | xh2 | r2,10 |

15th BBVU conversion array section; length - 10 bytes
| r15,1 | xh15 | r15,3 | r15,4 | ... | r15,7 | r15,8 | r15,9 | r15,10 |

16th BBVU conversion array section; length - 10 bytes
| r16,1 | r16,2 | r16,3 | ... | r16,6 | xh16 | r16,8 | r16,9 | r16,10 |

DRKi - 128 bits
| yh1 | yh2 | yh3 | yh4 | yh5 | yh6 | yh7 | ... | yh126 | yh127 | yh128 |

SERVER SEQUENTIAL RANDOM NUMBER GENERATOR (SRNG) WITH USER PASSWORD AS A SEED (SERVER SIDE)

CLIENT SEQUENTIAL RANDOM NUMBER GENERATOR (SRNG) WITH USER PASSWORD AS A SEED (CLIENT SIDE)

1st BBVU conversion array section; length - 128 bits
| r1,1 | r1,2 | r1,3 | yh1 | r1,5 | ... | r1,126 | r1,127 | r1,128 |

2nd BBVU conversion array section; length - 128 bits
| r2,1 | r2,2 | r2,3 | r2,4 | r2,5 | ... | r2,126 | yh2 | r2,128 |

127th BBVU conversion array section; length - 128 bits
| r127,1 | r127,2 | r127,3 | yh127 | r127,5 | ... | r127,127 | r127,128 |

128th BBVU conversion array section; length - 128 bits
| r128,1 | yh128 | r128,3 | ... | r128,126 | r128,127 | r128,128 |

FIG. 6 



Inventor: Len L. Mizrah 
Title: Key Generation Method for Communication Session 
Encryption and Authentication System 

Application No. 

Attorney Docket No. AIDT 1005-1 



DRKi - 16 bytes
| xh1 | xh2 | xh3 | xh4 | xh5 | xh6 | xh7 | ... | xh14 | xh15 | xh16 |

SERVER SEQUENTIAL RANDOM NUMBER GENERATOR (SRNG) WITH USER'S PASSWORD AS A SEED

SERVER SEQUENTIAL DIRECT BIT POSITION SCRAMBLER (SDBPS) FOR EACH VEILED DRKi BYTE

CLIENT SEQUENTIAL REVERSE BIT POSITION SCRAMBLER (SRBPS) FOR EACH VEILED DRKi BYTE

CLIENT SEQUENTIAL RANDOM NUMBER GENERATOR (SRNG) WITH USER'S PASSWORD AS A SEED

1st BBVU conversion array section; length - 10 bytes
| r1,1 | r1,2 | r1,3 | xh1 | r1,5 | r1,6 | r1,7 | r1,8 | r1,9 | r1,10 |

DRKi first xh1 byte in binary bit representation:
| xh1,8 | xh1,7 | xh1,6 | xh1,5 | xh1,4 | xh1,3 | xh1,2 | xh1,1 |
(for instance, 01011101)

Server's SRNG generates a random sequence of 16 numbers from 1 to 10 (due to ten positions in one BBVU conversion array section), and then the server's SBPS scrambles all bit positions in the veiled byte.

For instance, the 1st number generated by SRNG is 4 (DRKi 1st byte position in the 1st BBVU conversion array section above), then SBPS generates for each bit inside the DRKi 1st byte new positions 3, 1, 8, 5, 4, 2, 7, 6.

New positions for each bit from 1st to 8th of xh1 byte inside 1st BBVU conversion array section are 11011100 for the example above.
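
The worked instance above (byte 01011101, bits moved to positions 3, 1, 8, 5, 4, 2, 7, 6, result 11011100) and the server-side veiling / client-side reassembly of a 16-byte key can be checked with the following Python, which is an added example and not code from the application. Assumptions: the function names are hypothetical, and random.Random seeded with SHA-256 of the password stands in for the SRNG and bit position scrambler, which the page does not specify.

```python
import hashlib
import random

SECTION_LEN = 10                      # positions per conversion array section (from the figure)
PAGE_PERM = [3, 1, 8, 5, 4, 2, 7, 6]  # new positions for bits 1..8 in the page's example

def scramble_bits(byte, new_pos):
    """Direct scrambler: bit k (1 = rightmost) moves to position new_pos[k-1]."""
    out = 0
    for k, p in enumerate(new_pos, start=1):
        out |= ((byte >> (k - 1)) & 1) << (p - 1)
    return out

def unscramble_bits(byte, new_pos):
    """Reverse scrambler: the bit found at new_pos[k-1] returns to position k."""
    out = 0
    for k, p in enumerate(new_pos, start=1):
        out |= ((byte >> (p - 1)) & 1) << (k - 1)
    return out

def schedule(password, n_bytes):
    """Per-byte (slot, bit permutation) plan; both sides derive it from the password.
    Assumption: random.Random seeded with SHA-256(password) stands in for the
    SRNG and scrambler, which the page does not specify. Not a cryptographic RNG."""
    rng = random.Random(hashlib.sha256(password.encode()).digest())
    plan = []
    for _ in range(n_bytes):
        slot = rng.randint(1, SECTION_LEN)   # position of the key byte in its section
        perm = list(range(1, 9))
        rng.shuffle(perm)                    # new position for each of the 8 bits
        plan.append((slot, perm))
    return plan

def veil(key, password):
    """Server side: hide each scrambled key byte in a section of random filler."""
    filler = random.SystemRandom()
    out = bytearray()
    for b, (slot, perm) in zip(key, schedule(password, len(key))):
        section = bytearray(filler.randrange(256) for _ in range(SECTION_LEN))
        section[slot - 1] = scramble_bits(b, perm)
        out += section
    return bytes(out)

def unveil(array, password):
    """Client side: regenerate the plan, pick each byte out, reverse the scramble."""
    plan = schedule(password, len(array) // SECTION_LEN)
    return bytes(unscramble_bits(array[i * SECTION_LEN + slot - 1], perm)
                 for i, (slot, perm) in enumerate(plan))
```

A wrong password makes unveil() return a different byte string without raising an error, which is why the protocol steps have the client send back a hash of each recovered key for the server to check.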

Login screen (figure labels):

user name:
user password:
server password:
entry shown: johnjones
system message: server password is not [illegible]
OPERATION MODE: login session / account set-up
SWITCH BUTTON
ECHO DOTS VS. CHARACTERS
LOGIN BUTTON
Server
ACCOUNT dB